Likelihood to Recommend Well suited for general compliance, multiple initiatives, and integration with TeamMate. SAP GRC Process control may be better suited for an SAP environment. Oracle GRC may be better suited for an Oracle environment. Overall, BWise is a very cost effective, and flexible solution.
Read full review Product is a great tool to serve as a central point to compile and document sox controls. This allows transparency across the team and teammates to edit and view progress. The tool also provides an interface that will make it easy for the internal audit team to track and compile control requests. I particularly like how it lets all of the control owners take ownership of their controls. I am currently exploring some of the advanced tools that support testing and the accuracy and completeness of our data, which i'm very excited to explore.
Read full review Pros Great reporting tool (uses SAP Business Objects). It is quite flexible on types of reports that can be created and supported. Also the reporting consultants are very competent and nice. Highly customizable solution: almost everything can be tailored to an organization's needs, assessments, audits, issues, recommendations, tasks, etc. However, there's a trade-off between customization and the integration of different areas of the organization. Increases visibility and efficiency in the organization. BWise offers centralized repositories (catalogs) that can be easily accessed and used by everyone in the organization (e.g. Process catalog, Policies and Procedures catalog, Risks, Controls, Laws catalogs, etc.). Also, the application allows findings on controls tested by Audit to be automatically reflected in controls monitored by SOX for example, without the need for SOX to retest them. So one area can leverage on the work of other areas increasing operational efficiency. Increases integration and avoids silos. By choosing the correct design (e.g. Risk Workshops instead of Open Assessments), one area can see and benefit from another areas' work. An example was mentioned above; another would be Operational Risk area considering the results of Business Continuity, Vendor Management, Info Security, etc. assessments when carrying out theirs. Additionally, processes can be integrated: when contracting a new vendor for instance, one can include questions about data confidentiality and usage of models in the Vendor risk assessment. Answers to these could then trigger Info Sec / Model Risk assessments. Increases accountability. Application provides full audit/change log with the type of change, name of executor, and date of change. Easier follow-up. BWise sends automatic emails with reminders to the people required to take action on an issue, assessment, etc. Read full review HighBond is great for managing requests, to do’s, and review notes HighBond is generally flexible with the configuration and terminology you can use. HighBond is a good tool for centralizing risks, controls, test plans, and procedures in a framework that allows you to standardize its usage. Read full review Cons Integration with SAP for continuous control monitoring. Control mapping to standards: ISO; COSO; COBIT; HIPAA; SP800_53 (NIST); FedRAMP; PCI_DSS; BITS; GAAP; AICPA; BSI; CCM; COPPA; CSA Surveys. Read full review The current setup does not have a risk management option. There is not an easy way to catalog all audits and then cycle through them. The set up of tabs within a project can be a bit cumbersome and excessive. Read full review Likelihood to Renew BWIse is very flexible, and an affordable GRC tool.
Read full review Usability I found BWise to be very intuitive and user friendly.
Read full review Support Rating BWise support is knowledgeable and responsive. Bug fixes and development are also timely and ongoing.
Read full review HighBond by Galvanize support has some of the best and fastest support that I have experienced. Though we only contact them through emails, they were quick to provide insightful information about our problems. Whenever we email them about an issue, they would be able to reply in less than an hour, ready and prepared with useful solutions to address the issue.
Read full review Implementation Rating The main issues were managing the internal conflicts and competing objectives, rather than the capability and implementation of BWise itself.
Read full review I was not involved in the implementation, but i do think the interface works well and is a great tool to centralize our compliance program. I'm currently in the process of exploring many of the advanced features and using the Diligent Academy to learn about some of these exciting features to add value to our organization. I recently attended a CPE and was very impressed with the presenters and their energy and knowledge of the product
Read full review Alternatives Considered Wasn't personally involved in the vendor selection process. I am aware that one of the main drivers for selecting BWise was cost (I believe BWise total project cost was several times lower than
MetricStream 's).
Read full review Diligent Highbond stacks up somewhat poorly against our other tools. In addition to what was included above, we use some smaller tools that fulfill many of the gaps left by Diligent Highbond. We have since started to move away from Diligent Highbond.
Alteryx is better at processing data and their server tool can be used to publish results for review.
Read full review Return on Investment Increased employee efficiency especially considering incident management and follow up. Increased visibility and senior management information/awareness. Increased employee accountability. Reduction of silos. Read full review It has saved me time generating status reports It has saved me time in coordinating with others to obtain information, since it tracks requests and sends reminders It saves time with to dos and open reviews to keep track of tasks to be completed Read full review ScreenShots Diligent One Platform Screenshots